CVE-2023-2074

A vulnerability was found in Campcodes Online Traffic Offense Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely...

CVE-2023-0986

A vulnerability classified as critical has been found in SourceCodester Sales Tracker Management System 1.0. This affects an unknown part of the file admin/?page=user/manageuser of the component Edit User. The manipulation of the argument id leads to sql injection. It is possible to initiate the...

CVE-2023-1459

A vulnerability was found in SourceCodester Canteen Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file changeUsername.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The...

CVE-2023-1592

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file admin/courses/viewclass.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The...

WordPress plugin WhatsCart SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

CVE-2022-40098

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/updateexpense.php...

CVE-2022-41515

Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /saccoshield/ajax.php?action=deletepayment...

CVE-2022-22975

An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name CN of their user entry on the LDAP or AD server to include special characters, which could be used ...

CVE-2021-1481

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management...

CVE-2016-10939

The xtremelocator plugin 1.5 for WordPress has SQL injection via the id parameter...

Human Metapneumovirus Testing Management System /edit-phlebotomist.php File SQL Injection Vulnerability

Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. Human Metapneumovirus Testing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter...

Zoo Management System /admin/edit-animal-details.php File SQL Injection Vulnerability

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter aname in the file /admin/edit-animal-details.php. An attacker can exploit this...

CVE-2025-5032

A vulnerability classified as critical has been found in Campcodes Online Shopping Portal 1.0. Affected is an unknown function of the file /admin/edit-category.php. The manipulation of the argument Category leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-5003

A vulnerability has been found in projectworlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file /semesterajax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...

WordPress plugin WPAMS SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

Hospital Management System 注入漏洞

Hospital Management System is a hospital management system by Kishan Lal, an individual developer. An injection vulnerability exists in Hospital Management System version 1.0, which originates from SQL injection due to manipulation of the parameter ID in the file /doctor-panel.php...

Projectworlds Online Lawyer Management System SQL注入漏洞

Projectworlds Online Lawyer Management System is an online lawyer management system from Projectworlds India. A security vulnerability exists in Projectworlds Online Lawyer Management System version 1.0, which originates from an SQL injection due to the manipulation of the parameter email in the...

PHPGurukul Daily Expense Tracker System 安全漏洞

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. The Daily Expense Tracker System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the email parameter of the file /forgot-password.php. An...

PHPGurukul Auto Taxi Stand Management System 安全漏洞

Auto Taxi Stand Management System is an auto cab stand management system. Auto Taxi Stand Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter Username in the file /admin/index.php. An...

PHPGurukul Zoo Management System 注入漏洞

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter viewid in file /admin/view-foreigner-ticket.php. An attacker can exploit this...